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Allowable Subject Matter 

Claims 1-3,5-9,1 1-17 are allowed. 

The following is an examiner's statement of reasons for allowance: 

The provision for — a controlled multicast system, comprising: an Ethernet 
switch; a multicast router, wherein: 

the Ethernet switch connects with each of a plurality of hosts in a downlink, and 
connects with the multicast router in an uplink, 

the multicast router connects with a multicast router of other systems in the 
uplink, the Ethernet switch implementing multicast exchange of a layer 2, and 
an IGMP V2 protocol is adopted as group management protocol between the Ethernet 
switch and the host; 

wherein the controlled multicast system further comprises: 

a portal server, connecting with the multicast router and providing an interface of 
user access authentication; 

an authentication server, storing configuration of privilege for the host which 
wants to join in the multicast group; 

wherein: 

the multicast router and the authentication server are configured to adopt a 
Client- server structure by which the authentication server authenticates identification of 
the host to join in a multicast group with information inputted through the interface 
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provided by the portal server, and 

the multicast router records a User ID and a vlan ID corresponding to the User ID 
of the authenticated host and then distributes control commands according to results of 
the authentication to control multicast forwarding operations of the Ethernet switch; 

configuration of privilege comprises a corresponding relation between the User 
ID of the host and a address of multicast group in which the host wants to join; 

the information inputted through the interface provided by the portal server 
comprises the User ID and a password; 

each port through which the host is connected to the Ethernet switch is a vlan 
wherein the authentication server in the system further for, after receiving an extended 
RADIUS authentication message from the multicast router, of which attributes include 
the User ID as the user name and the address of multicast group in which the host 
wants to join, detecting whether to accept the host joining in the multicast group based 
on the configuration of privilege; 

responding with an acceptance message to the multicast router if the host has 
suitable privilege, otherwise returning a reject message; 

wherein the multicast router in the system further for, after receiving an IGMP 
Membership Report message from the Ethernet switch, according to the vlan ID in the 
message, searching the corresponding User ID in a multicast access privilege table of 
the multicast router , and then sending the said extended RADIUS authentication 
message, to the authentication server; 

after receiving the acceptance message from the authentication server, writing 
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the address of the multicast group in which the host can join into the said multicast 
access privilege table , and implementing a routine disposal on join messages of the 
host, then generating a Join message, which comprises the vlan ID corresponding to 
the port that links with the host which wants to join in the multicast group , the address of 
the multicast group that is applied for, and a Join command field, and then transmitting 
to the Ethernet switch; moreover, completing a routine processing of creating multicast 
forwarding tree on the IGMP Membership Report message; doing nothing after 
receiving the reject message; 

the Ethernet switch for, forwarding the IGMP Membership Report message from 
the host, wherein the IGMP Membership Report message forwarded to the multicast 
router port carries with the vlan ID of the host; 

after receiving the Join message from the multicast router, searching the MAC 
address corresponding to the address of the multicast group in the forwarding table; if 
the entry corresponding with the MAC address is found, obtaining the port number of 
the host via searching in the forwarding table with the vlan ID in the Join message , and 
then adding the port number into the said entry; if nothing is found, adding an entry in 
the forwarding table, which comprises the MAC address corresponding to the multicast 
address, the port number of the host which applies to join in the multicast group, and 
the port number of the multicast router connected with the Ethernet switch; 
after receiving a multicast flow from the multicast router, forwarding it to ports of the 
Ethernet switch with the current forwarding table 
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— wherein all the features previously described are combined in one singular 
embodiment, is not fairly taught or suggested by the prior art of record. 



The Examiner finds particular novelty in the multicast system implemented using 
IGMP messaging as described in the Applicant Specification (page 10, paragraphs 1, 
figure 7 ) wherein the said multicast router and Ethernet switch each maintain separate 
lookup tables and are working in combination to ensure that only a specific, distinct 
authorized user can join in the multicast group; through one-to-one relationship among 
the port, the user and the vlan ID. The multicast switch, after receiving an IGMP 
Membership Report message from the Ethernet switch, according to the vlan ID in the 
message, searching the corresponding User ID in a multicast access privilege table of 
the multicast router , and then sending the said extended RADIUS authentication 
message, to the authentication server. The multicast router determines user privilege 
from an AAA server and upon receiving the acceptance message, the multicast router 
will record the address of the multicast group (Page 12) where the user can join into the 
multicast access privilege table of the user. Meanwhile the Ethernet switch (LAN 
Switch) classifies the vlan according to the ports, each of which connects with one user, 
and records said information in a VLAN/Port table. (Page 12) 

The multicast routers generates and transmits the HGMP Join message to the 
switch, which comprises the vlan number (vlan 1 ) of the host which applies to join in the 
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multicast group, the address (224.1 .2.3) of the multicast group in which the host applies 
to join. 

The Ethernet switch obtains the correct port number of the host through 
searching said VLAN table using the vlan ID in the Join message. 

Fukutomi disclosed a CE router having a LAN interface in combination with said 
IGMP Proxy processing section and packet relay processing section that is equivalent 
to an Ethernet switch. Fukutomi Paragraph 106 describes wherein the CE router 
performs a relay operation between the user PC and PE router ('multicast router' ). 
Thus the Fukutomi CE router having a LAN interface in combination with said IGMP 
Proxy processing section and packet relay processing section is enabled to function 
for forwarding multicast packets while adapting to the IGMP protocol. The Examiner 
notes that while Fukutomi describes an embodiment wherein the CE router is connected 
to one host Fukutomi is not limited to this embodiment. 

However Fukutomi did not disclose the multicast router receiving an IGMP 
Membership Report message from the Ethernet switch, and according to the vlan ID in 
the message, searching the corresponding User ID in a multicast access privilege table 
of the multicast route. 

However Fukutomi did not disclose wherein the Ethernet switch classifies the 
vlan according to the ports, each of which connects with one user, and records said 
information in a VLAN/Port table. Fukutomi did not disclose obtaining the correct port 
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number of the host through searching said VLAN table using the vlan ID in the Join 
message. 

Haggerty disclosed a multicast system implemented using IGMP messaging. 
(Haggerty-Column 4 Lines 55-65) 

Howeever Haggerty did not disclose the multicast router receiving an IGMP 
Membership Report message from the Ethernet switch, and according to the vlan ID in 
the message, searching the corresponding User ID in a multicast access privilege table 
of the multicast route. 

However Haggerty did not disclose wherein the multicast router generates and 
transmits the HGMP Join message to the switch, which comprises the vlan number of 
the host which applies to join in the multicast group, the address of the multicast group 
in which the host applies to join. Haggerty did not disclose wherein the Ethernet switch 
classifies the vlan according to the ports, each of which connects with one user, and 
records said information in a VLAN/Port table. Haggerty did not disclose obtaining the 
correct port number of the host through searching said VLAN table using the vlan ID in 
the Join message. 

Dobbins disclosed a multicast forwarding table implemented in a VLAN Ethernet 
switch such that multicast packets are sent only to ports defined for a particular VLAN. 
(Dobbins-Column 2 Lines 50-65) Tables are maintained for mapping the VLAN-IDs with 
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associated end systems and access ports. When a broadcast packet is received at a 
first switch, it is encapsulated with a VLAN header, including the VLAN-IDs, and sent 
out a multicast channel to all other switches in the network (domain). 

However Dobbins did not disclose transmitting an IGMP Membership Report 
message from the Ethernet switch to a multicast router. 

However Dobbins did not disclose wherein the multicast router determines user 
privilege from an AAA server and upon receiving the acceptance message, the 
multicast router will record the address of the multicast group where the user can join 
into the multicast access privilege table of the user. Dobbins did not disclose wherein 
the multicast router generates and transmits the HGMP Join message to the switch, 
which comprises the vlan number of the host which applies to join in the multicast 
group, the address of the multicast group in which the host applies to join. Dobbins did 
not disclose obtaining the correct port number of the host through searching said VLAN 
table using the vlan ID in the Join message. 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 



Conclusion 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to GREG BENGZON whose telephone number is 
(571)272-3944. The examiner can normally be reached on Mon. thru Fri. 8 AM - 4:30 
PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, William Vaughn can be reached on (571)272-3922. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/G. B./ 

Examiner, Art Unit 2444 



/Yemane Mesfin/ 

Primary Examiner, Art Unit 2444 



